Wireless mesh network

ABSTRACT

Disclosed is a wireless mesh network that includes a first node node and at least one second node. The first node is configured to provide a bi-directional mesh communication to the at least one second node. The first node is configured to broadcast a beacon periodically. The at least one second node is configured to sent a data frame to the first node. The data frame is encrypted by way of an Initialization Vector, which has been composed from at least a first node-specific Super Frame Counter included into the beacon, a Sender-Node-Specific-Frame Counter, and an identification of a sender.

TECHNICAL FIELD

The application relates generally to a wireless mesh network.

BACKGROUND

A wireless mesh network (WMN) 100 is formed by multiple, possiblyhundreds or thousands or even more of radio nodes 102, 104 that maycommunicate with each other, depending on e.g. transmission range,frequency channel usage, etc. The wireless mesh network 100 may have oneor more sink nodes 106 that may be part of gateways to other networks,e.g. Internet 108.

FIG. 1 presents an example of the wireless mesh network 100 that may notbe in static radio environment and part of the nodes may move, appear,or disappear. Therefore, the example mesh network 100 isself-organizing, and every node 102,104 may do decisions independently,but supporting the network 100 and its data delivery functionality.

One example of the wireless mesh network 100 is a wireless sensornetwork (WSN) formed by sensor devices 102, 104 that produce data. Eachsensor device 102, 104 may be equipped with one or more radio that isused to deliver the data towards the sink node 106. Even if a singlesensor radio cannot directly reach the sink node 106, the wireless meshnetwork 100 formed between the sensor radio nodes 102, 104 takes care ofit. A routing protocol implemented in each radio node 102, 104 choosesthe way to the sink node 106. Similarly, there may be data that isdelivered, over multiple radio hops, from the sink node 106 to thenode(s) 102, 104 or in between nodes 102, 104.

Typically, the wireless mesh network 100 may be formed by nodes 102, 104that have limited energy resources, like batteries, while other nodes102, 104 may be mains powered. The battery-operated nodes 102, 104 needto restrict their operation in very short time periods to not to drainthe batteries more than necessary. In the wireless mesh network 100 thismeans that the radio nodes 102, 104 need to be synchronized to eachother. Using the synchronization and a Medium Access Control (MAC)communication protocol the nodes 102, 104 know when they should switchtheir transceiver on.

In addition, the transmission power of the battery-operated nodes 102,104 should be optimized so that they only use transmitter powersufficient to reach the targeted neighbour node 102, 104. This not onlysaves the battery of the node 102, 104, but also to limit the radiointerference in the wireless mesh network 100. The mains powered nodes102, 104 may keep their radio on all the time, primarily in thereceiving mode.

A wireless mesh network 100 may be organized in clusters 110. This meansthat at least one node 102, called as a cluster head 102, in the cluster1101 has taken responsibility for maintaining the time synchronizationand frequency channel co-ordination among the cluster members 104. Atleast the head node 102 may take a role of routing node to forward dataof the cluster members 104, while the rest of the nodes 104 may not dorouting. The transmission powers are adjusted to operate within thecluster 110. Each cluster head node 102 needs to be a member of at leastone other cluster 110 to be able to route data forward. In addition,typically only the cluster head 102 transmits data out of the cluster110, to the next cluster 110 on the way towards the sink node(s) 106.

SUMMARY

One object of the invention is to provide an encrypting method for awireless mesh network, which ensure secure encryption by providing aunique Initialization Vector for AES-based ciphering. In addition, themethod allows routing to change and enables to avoid sending a completeIV in each packet header.

One object of the invention is fulfilled by a wireless mesh network,device, methods, computer program, and computer-readable mediumaccording to the independent claims.

One embodiment is a wireless mesh network (system) comprising a firstnode and at least one second node. The first node is configured toprovide a bi-directional mesh communication to the at least one secondnode. The first node is configured to broadcast a beacon periodically.The at least one second node is configured to sent a data frame to thefirst node. The data frame is encrypted by means of an InitializationVector (IV), which has been composed from at least a first node-specificSuper Frame Counter (SFC) included into the beacon, aSender-Node-Specific-Frame Counter (SNSC), and an identification of asender.

One embodiment is an encrypting method for a wireless mesh network. Themethod comprises steps of including, by a first node, an initializedfirst node-specific SFC into a beacon, broadcasting, by the first node,the beacon periodically, and receiving, by at least one second node, thebeacon. The method further comprises a step of composing, by the atleast one second node, an IV from at least the SFC obtained from thebeacon, a SNSC, and an identification of a sender, and using, by the atleast one second node, the IV in order to encrypt a data frame to besent to the first node.

One embodiment is a device (an apparatus) for a wireless mesh network.The device comprises a microcontroller unit and a radio transceiver. Thedevice is configured to provide, by the radio transceiver, abi-directional mesh communication to a first node device, to receive, bythe radio transceiver, a broadcasted beacon from the first node device,and to sent, by the radio transceiver, a data frame to the first nodedevice. The device encrypts the data frame by means of an IV, which hasbeen composed from at least a first node-specific SFC included into thebeacon, a SNSC, and an identification of a sender.

One embodiment is an encrypting method for a device in a wireless meshnetwork. The method comprises steps of providing, by the radiotransceiver, a bi-directional mesh communication to a first node device,receiving, by the radio transceiver, a broadcasted beacon from the firstnode device, and sending, by the radio transceiver, a data frame to thefirst node device. The method further comprises steps of composing, bythe microcontroller unit, an IV from at least a first node-specific SFCincluded into the beacon, a SNSC, and an identification of a sender, andencrypting, by the microcontroller unit, the data by means of the IV.

One embodiment is a computer program for encrypting by means of a devicein a wireless mesh network, when run in the device (computer). Theprogram comprises a communication code for providing, by the radiotransceiver, a bi-directional mesh communication to a first node device,a receiving code for receiving, by the radio transceiver, a broadcastedbeacon from the first head node device, and a sending code for sending,by the radio transceiver, a data frame to the first node device. Theprogram further comprises a composing code for composing, by themicrocontroller unit, an IV from at least a first node-specific SFCincluded into the beacon, a SNSC, and an identification of a sender, andan encrypting code for encrypting, by the microcontroller unit, the databy means of the IV.

One embodiment is a tangible non-volatile computer-readable mediumcomprising a computer program for encrypting by means of a device in awireless mesh network, when run in the device. The program comprises acommunication code for providing, by the radio transceiver, abi-directional mesh communication to a first node device, a receivingcode for receiving, by the radio transceiver, a broadcasted beacon fromthe first node device, and a sending code for sending, by the radiotransceiver, a data frame to the first node device. The program furthercomprises a composing code for composing, by the microcontroller unit,an IV from at least a first node-specific SFC included into the beacon,a SNSC, and an identification of a sender, and an encrypting code forencrypting, by the microcontroller unit, the data by means of the IV.

Further embodiments are disclosed the in dependent claims.

BRIEF DESCRIPTION OF THE FIGURES

The embodiments are presented with reference to the following figures:

FIG. 1 presents an example of a wireless mesh network

FIG. 2 presents an example of a data frame format of a cluster beacon

FIG. 3 presents an example of data frame format

FIG. 4 presents an example of a mesh-enabled node device hardwarearchitecture

DETAILED DESCRIPTION OF THE FIGURES

FIG. 1 presents a wireless mesh network system 100 that comprises atleast one cluster 110.

The WMN 100 is e.g. a WSN and it is designed, but not limited, for radiosystems using e.g. 5 GHz, 2.4 GHz, 868 MHz, 870 MHz, and 915 MHzunlicensed frequency bands. Similarly, operation in licensed spectrum orShared Licensed Access (LSA) spectrum can be supported.

Each cluster 110 of the WMN 100 comprises a head (first) node device 102and at least one member (second) node (subnode) device 104, which cancomprise e.g. one, two, three, four as in the figure, five or more nodes104.

In addition, the WMN 100 can have head nodes 102 without members nodes104. This can be especially important in edge of the WMN 100 allowingpossible new nodes to find the existing WMN 100.

Alternatively, all nodes of the WMN 100 can operate as head nodes 102and transmit a cluster beacon (message) enabling any other node totransmit for it. Thus, an operation where only part of the nodes operateas head nodes 102 is an optimization of the WMN 100.

The head node 102 provides a bi-directional mesh data communication tothe at least one member node 104 and vice versa.

The head node 102 communicates with the at least one member node 104inside the at least one cluster and with a gateway device (sink node)106 or other head node 102 of the WMN 100 outside the at least onecluster 110.

Alternatively, the WMN 100 can comprise only single sink node 106, whichoperates as a head node (cluster head) 102 and other nodes are connectedwith that, whereupon the nodes connected to the sink node 106 functionas member nodes 104 and, thus, forming one cluster 110. However, typicalsensor network is such that all nodes 104 cannot communicate directlywith the sink node 106 due to extensive distance between nodes 104, 106and limited radio range, whereupon it is needed multi-hop communicationbetween a node 104 and the sink 106 and benefits of the preferredembodiments become apparent.

The head node 102 broadcasts the cluster beacon or any other broadcastmessage periodically, and the head and member nodes 102, 104 areconfigured to sent data bi-directionally in a format of data frames toeach other.

Security is one of the most crucial features of the WMNs 100, to ensuretrust of the communication and that data of the communication iscorrect. Overall end to end security contains several aspects, such asauthentication, key management, providing tamper proof devices etc.

The WMN 100 is capable of routing data from single end node 102, 104towards the sink node 106 of the WMN 100 when utilizing specificencryption method. One possible encryption method is e.g. AdvancedEncryption Standard (AES) counter CTR mode for encryption and CMAC forintegrity protection.

The encryption can be based on any stream cipher based on any blockcipher method, which can also be e.g. Eliptic-curve cryptography (ECC),Data Encryption Standard (DES), or Triple Data Encryption Standard(DES5).

The encryption (communication) method does not consider authenticationor key distribution methods, rather pre-request is that each node 102,104 has valid key for ciphering. Any key distribution method such aspre-installed key, provisioned key material or other method would bepossible with this method.

The encryption method comprises updating and maintaining anInitialization Vector (IV) which is used as nonce in cipheringprotection for AES. Even though AES uses term IV, in other encryptionmethods can use more generic term nonce for this purpose.

The data frames in communication are encrypted by means of the IV, whichhas been composed from at least a head node-specific Super Frame Counter(SFC) included into the cluster beacon and a Sender-Node-Specific-FrameCounter (SNSC).

The SFC is initialized by the head node 102 when it starts to transmitthe SFC in the cluster beacon. One possible method for initializing theSFC is create a random number based on information below for input datafor AES-128 that is used as a hash.

Input data for hash consists of: an unique processor ID of the head node102, a device's radio network address, and a true random numbergenerator.

This enables that different head nodes 102 transmitting the SFC,initialize the SFC to different value, especially when starting theoperation in devices (nodes 102, 104) power up or restart.

FIG. 2 presents an example of a data frame format of a cluster beaconmessage and FIG. 3, for one, an example of a data frame format of a datamessage.

The cluster beacon can be replaced by any other broadcast message (datamessage) in the WMN 100 when the message contains the SFC.

The IV is divided to the SFC, a network radio address, a sender address,and the SNSC, whereupon it is easy to see that the network radio andsender addresses are used together with the SFC and SNSC to compose theIV.

The head node 102 of the cluster 110 creates the SFC by initializingrandomly a SFC value, so, the SFC is a randomly initialized e.g. 8-bytecounter that is individually and independently maintained by every headnode 102.

The head node 102 includes the SFC to its broadcasted cluster beaconframe and transmits periodically the cluster beacon. The SFC forms halfof the IV that is used during this superframe. Cluster head 102increments the SFC before transmitting the SFC again in the clusterbeacon. Periodic transmission of the SFC can be seen as superframeperiods. The SFC can be incremented by one, or the incrementation can beany linear operation. Alternatively, the head node 102 initializes theSFC to new random value before a transmission of a next cluster beacon.However, in such case, each member node 104 must receive always thelatest cluster beacon message. So, member nodes 104 get the SFC byreceiving the cluster beacons.

Additionally, each member node 104 maintain the SFC after receiving itfrom the head node 102. This allows nodes 104 to send data even thoughthey have not received previous cluster beacon message. This is possiblein a cluster head operation, where the SFC is incremented by predefinedvalue before transmission new SFC.

A network radio address (network ID), for e.g. 3 bytes are used in theIV and it is known to all nodes 102, 104 being part of the WMN 100. Thisinformation can be obtained from node's configuration containing fore.g. network provisioning credentials of the WMN 100.

Additionally, the network radio address can be hashed or simple Xor withthe destination receiver address of the packet. This provides additionalsecurity measure as only intended receiver node 102, 104 can decipherthe packet correctly and avoids theoretical problem that a single node102, 104 would use same SFC value hearing different head nodestransmission. This is achieved as each node 102, 104 has unique ID inthe WMN 100 and Xor that with network ID will give different sequence.Naturally, different networks 100 use different keys, so thatutilization of the same IV is not an issue.

In addition, a sender address (source address, sender ID) of e.g. 3bytes, which identifies the sender, is included to the IV by the sendernode 102, 104, which is then included in all transmitted frames asplaintext as presented in FIG. 3.

The SNSC of e.g. 2 bytes is part of each data message transmitted by thenode 102, 104 and is transmitted as plain text and increased with everytransmitted frame. Additionally, in ciphered broadcast messages the SNSCvalue can be set to zero or pre-set value to avoid overhead.

The SNSC is a 2-bytes counter that directly gives the lowest byte of theIV required for message decryption. Every involved node 102, 104 mayreset SNSC when the superframe starts. The resetting can set the SNSC tozero or any other initial value. To ensure uniqueness of the IV, thesender shall not use twice same SNSC with same SFC. The head node 102can detect that some member node 104 has high number of frames since theprevious SFC transmission and the node 104 is running out of SNSC space.In such case, the head node 102 can transmit cluster beacon outsidenormal periodicity, with a new SFC value to allow member nodes 104 toinitialize the SNSC and have again an unique IV.

When a node 102, 104 creates a message to be sent, it first includes theinitial SNSC to the message as plaintext. After that the message isencrypted, whereupon internal SNSC increases. At the receiving node 102,104, the SNSC and sender node id are picked from the message and usedfor decryption the IV.

So, when the head node 102 includes the SFC into a frame of the clusterbeacon before broadcasting it and sends the cluster beacon, it leads toa situation, where any node 104 that receives the cluster beacon cantransmit the ciphered packet to the head node 102 by using the uniqueIV.

The node 104 can send ciphered frame to the cluster node 102 by usingthe IV that is composed from received SFC, network address, its ownaddress, and SNSC. A node 102, 104 which can hear multiple networkbeacons can decide for every frame which cluster 110 should receive thisframe as it can simply maintain multiple SFC. This allows packet bypacket decision of the routing towards multiple head nodes 102 by thesender node 104. Additionally, as data packet contains the MIC forintegrity protection, any node receiving the frame can determine whetherit should receive that data frame, as if the node is not using a correctIV, the MIC calculation will fail.

In addition, it is possible that the head node 102 sends the SFC to themember node 104 along a data packet so that it is embedded in the dataframe. This would result self-contained data frame and, then, that dataframe can be received outside the cluster 110 without prior knowledge ofthe SFC used in the cluster 110.

Additionally, in case, that member node 104 misses the cluster beacon orcluster head 102 is not allowed (is prohibited) to send the clusterbeacon, e.g. due to Listen-Before-Talk (LBT) prevention, the node 104can predict the next used SFC value from the value used in previouscluster beacon, i.e. from prior information. Thus, the node is able tosend data to the cluster head 102.

In addition, SFC information can be delivered to other head nodes 102 inthe WMN 100 and out of reach the head node 102 of the cluster 110.

The IV structure provides uniqueness per message, because the IV is anetwork specific and a sender-node-specific. In addition, the IV can bemade sender and receiver specific by additional Xor procedure betweenthe network address and receiver address as presented above.

In addition, the IV structure is such that the IV cannot repeat insidesuperframe because of SNSC.

In addition, the IV structure has a 64-bit randomly initialized SFC thatincreases only once per superframe.

In addition, the IV structure enables that overhead of the packet isminimized. This is achieved as periodicity of the cluster beacon frameand corresponding SFC can be significantly lower than data framestransmitted by all nodes 104 communicating with the head node 102 duringcluster beacon frame period. Additionally, there is no peer-to-peersignalling need when node 104 changes target cluster head 102.

Additionally, when some node 104 decides to start operating as clusterhead 102, it can initiate cluster beacon transmission and any other nodehearing that beacon can start using it as routing device without anypeer-to-peer signalling to setup security.

Additionally, when radio condition of some member node 104 changes orthe member node 104 is mobile and, thus, detects a new head node 102from the cluster beacon, it can initiate secure communicationimmediately with the head node 102 after receiving the cluster beacontransmission, avoiding any non-secure signalling between the member node104 and the head node 102 to initialize ciphering. Thus, method providesefficient way to manage the IV in the WMN 100 with mobile nodes 102,104.

In addition, this enables a mesh network solution, where cluster beaconsare transmitted and the SFC are updated with different periods indifferent parts of the WMN 100 independently. This supports differentbeacon detection rates for mobility and different IV update rates due tovery high number of data from some nodes 102, 104.

Furthermore, there is no need to distribute and synchronize the IVinformation between all network members as in Bluetooth Mesh solutionreducing the signalling overhead of the system.

It is good to notice that the number of bytes in the cluster beacon anddata frames are exemplary and the number of used bytes may vary in theframes.

FIG. 4 presents an example of a mesh-enabled node device hardwarearchitecture.

A mesh-enabled node device (apparatus) 400 includes a memory 401,microcontroller unit (MCU) 402, a radio transceiver 403, antenna 404,and a power supply 405.

The node device 400 can be a head node 102 or a member node 104.

The MCU 402 is used to run computer program (code) for a possibleapplication and WMN protocol. The node device 400 uses radio transceiver403 in order to transmit and receive mesh data between other nodedevices 400 and/or the gateway device 106, and to transmit data framesvia the antenna 404. The power supply 405 includes components forpowering the device, e.g. a battery and a regulator.

The memory 401 comprises the computer program, which is configured toperform actions of the node 102, 104, 400 presented in this descriptionpart, when it is run in a computer, e.g. in the node 102, 104, 400 bymeans of the MCU 402.

Such action can be the production of a bi-directional mesh communicationbetween the head and member (first and second) nodes 102, 104 by usingthe radio transceiver 403.

In addition, such action can be the inclusion of an SFC into a clusterbeacon or other broadcast message, when the node 400 function as a head(first) node 102.

In addition, such action can be the broadcast of the cluster beacon orother broadcast message periodically to member nodes 104 by using theradio transceiver 403, when the node 400 function as a head node 102.

In addition, such action can be the reception of a broadcasted clusterbeacon or other broadcast message from the head node device 102 by usingthe radio transceiver 403, when the node 400 function as a member(second) node 104.

In addition, such action can be the transmission of a data frame to thehead node device 102 by using the radio transceiver 403, when the node400 function as a member node 104.

In addition, such action can be the composition of an IV from at least ahead (first) node-specific SFC included into the cluster beacon or otherbroadcast message, a SNSC, and an identification of a sender, when thenode 400 function as a member node 104.

In addition, such action can be the encryption of the data by means ofthe IV, when the node 400 function as a member node 104.

The computer program can be stored in a tangible non-volatile computerreadable medium, e.g an USB stick or a CD-ROM disc.

This IV structure ensures that each node 102, 104 has the IV to be usedas nonce that is only used once.

In addition, the IV structure enable to avoid sending a full 16-byte IVin each data frames, whereupon data packets are shorter and those savesenergy, reduce interference, and increase amount payload data perpacket.

In addition, the IV structure ensures that routing of the ciphered datacan change rapidly without extensive overhead to update nonce betweendifferent nodes 102, 104.

In addition, the IV structure ensures that any node 102, 104 can receiveany other node's 102, 104 ciphered data with minimum delay.

In addition, the IV structure ensures that different WSNs do not use thesame IV values.

In addition, the IV structure allows any single node 102,104 to transmitdifferent data to different routing nodes 102, 104 and cipher each linkindependently.

In addition, the IV structure avoids security corruption in case thatnode 102, 104 is out coverage and cannot receive frames from other nodes102, 104, but when getting coverage allow communication to continuewithout extensive signalling.

In addition, the IV structure avoids distributing updated IV to allnodes 102, 104 that are not necessary for certain data routes.

The invention claimed is:
 1. A wireless mesh network (100) comprising afirst node (102, 400) and at least one second node (104, 400) whereinthe first node is configured to provide a bi-directional meshcommunication to the at least one second node, which first node isconfigured to broadcast a beacon periodically, and which at least onesecond node is configured to sent a data frame to the first node,wherein the data frame is encrypted by means of an Initialization Vector(IV), which has been composed from at least a first node-specific SuperFrame Counter (SFC) included into the beacon, aSender-Node-Specific-Frame Counter (SNSC), and an identification of asender.
 2. The network of claim 1, wherein the first node includes theSFC into a frame of the beacon before broadcasting it.
 3. The network ofclaim 1, wherein the first node is configured to independently maintainthe SFC, which is a randomly initialized byte counter.
 4. The network ofclaim 1, wherein the first node is configured to maintain a plurality ofSFCs comprising the SFC, whereupon the first node can determine whichcluster (110) belonging to the group of the at least one cluster shouldreceive a data frame heard by the first node.
 5. The network of claim 1,wherein the at least one second node maintains the SFC after receivingit from the first node.
 6. The network of claim 1, wherein the IVfurther comprises a network radio address and a sender address, whereinthe SFC forms a half of the IV, and wherein the network radio and senderaddresses are used together with the SFC and SNSC to compose the IV. 7.The network of claim 6, wherein the network radio address is hashed orXOR-encrypted.
 8. The network of claim 1, wherein the encryption isbased on any stream cipher based on any block cipher method, which is anAdvanced Encryption Standard (AES)-, Eliptic-curve cryptography (ECC)-,Data Encryption Standard (DES)-, or Triple Data Encryption Standard(DES5)-based encryption.
 9. The network of claim 1, wherein the at leastone second node is configured to predict a next value for the SFC basedon prior information when it is unable to receive the beacon from thefirst node or the broadcast of the beacon is prohibited.
 10. The networkof claim 1, wherein the at least one second node is configured toreceive a SFC value of the first node embedded in the data frame. 11.The network of claim 1, wherein SFC information is delivered to otherfirst nodes (102, 400) out of reach the first node.
 12. The network ofclaim 1, wherein the network comprises at least one cluster (110),wherein the first node is a head node (102, 400) and the second node isa member node (104, 400), and wherein each cluster (110) comprises thehead node and at least one member node (104, 400).
 13. The network ofclaim 12, wherein the head node is configured to communicate with the atleast one member node inside the at least one cluster.
 14. The networkof claim 12, wherein the beacon is a cluster beacon.
 15. An encryptingmethod for a wireless mesh network (100), comprising steps of including,by a first node (102, 400), an initialized first node-specific SuperFrame Counter (SFC) into a beacon, broadcasting, by the first node, thebeacon periodically, receiving, by at least one second node (104, 400),the beacon, composing, by the at least one second node, anInitialization Vector (IV) from at least the SFC obtained from thebeacon, a Sender-Node-Specific-Frame Counter (SNSC), and anidentification of a sender, and using, by the at least one second node,the IV in order to encrypt a data frame to be sent to the first node.16. A node device (104, 400) for a wireless mesh network (100),comprising a microcontroller unit (402) and a radio transceiver (403),which device is configured to provide, by the radio transceiver, abi-directional mesh communication to a first node device (102, 400), toreceive, by the radio transceiver, a broadcasted beacon from the firstnode device, and to sent, by the radio transceiver, a data frame to thefirst node device, wherein the device encrypts the data frame by meansof an Initialization Vector (IV), which has been composed from at leasta first node-specific Super Frame Counter (SFC) included into thebeacon, a Sender-Node-Specific-Frame Counter (SNSC), and anidentification of a sender.
 17. An encrypting method for a node device(104, 400) in a wireless mesh network (100), comprising steps ofproviding, by the radio transceiver, a bi-directional mesh communicationto a first node device (102, 400), receiving, by the radio transceiver,a broadcasted beacon from the first node device, sending, by the radiotransceiver, a data frame to the first node device, composing, by themicrocontroller unit, an Initialization Vector (IV) from at least afirst node-specific Super Frame Counter (SFC) included into the beacon,a Sender-Node-Specific-Frame Counter (SNSC), and an identification of asender, and encrypting, by the microcontroller unit, the data by meansof the IV.
 18. A non-transitory, computer-readable medium on which isstored a computer program, which when executed by a computer, causes thecomputer to perform an encrypting method for a node device (104, 400) ina wireless mesh network (100), comprising steps of providing, by theradio transceiver, a bi-directional mesh communication to a first nodedevice (102, 400), receiving, by the radio transceiver, a broadcastedbeacon from the first node device, sending, by the radio transceiver, adata frame to the first node device, composing, by the microcontrollerunit, an Initialization Vector (IV) from at least a first node-specificSuper Frame Counter (SFC) included into the beacon, aSender-Node-Specific-Frame Counter (SNSC), and an identification of asender, and encrypting, by the microcontroller unit, the data by meansof the IV.
 19. The network of claim 2, wherein the first node isconfigured to independently maintain the SFC, which is a randomlyinitialized byte counter.
 20. The network of claim 2, wherein the firstnode is configured to maintain a plurality of SFCs comprising the SFC,whereupon the first node can determine which cluster (110) belonging tothe group of the at least one cluster should receive a data frame heardby the first node.